Search

Subscribe

Implicit Passwords

This is a really interesting research paper (article here) on implicit passwords: something your unconscious mind remembers but your conscious mind doesn't know. The Slashdot post is a nice summary:

A cross-disciplinary team of US neuroscientists and cryptographers have developed a password/passkey system that removes the weakest link in any security system: the human user. It's ingenious: The system still requires that you enter a password, but at no point do you actually remember the password, meaning it can't be written down and it can't be obtained via coercion or torture -- i.e. rubber-hose cryptanalysis. The system, devised by Hristo Bojinov of Stanford University and friends from Northwestern and SRI, relies on implicit learning, a process by which you absorb new information -- but you're completely unaware that you've actually learned anything; a bit like learning to ride a bike. The process of learning the password (or cryptographic key) involves the use of a specially crafted computer game that, funnily enough, resembles Guitar Hero. Their experimental results suggest that, after a 45 minute learning session, the 30-letter password is firmly implanted in your subconscious brain. Authentication requires that you play a round of the game -- but this time, your 30-letter sequence is interspersed with other random 30-letter sequences. To pass authentication, you must reliably perform better on your sequence. Even after two weeks, it seems you are still able to recall this sequence.

The system isn't very realistic -- people aren't going to spend 45 minutes learning their passwords and a few minutes authenticating themselves -- but I really like the direction this research is going.

Comments

Seems to me that if you don't really know it, then while you can't be forced to reveal it, it may be much simpler to trick you into revealing it. I'd be worried about activities in another context that provoke the same reactions as the password context.

"people aren't going to spend 45 minutes learning their passwords and a few minutes authenticating themselves

They might for some super-high-security scenarios:

"Mr President, we have no choice, we must authorise the launch of a massive nuclear strike."
"I understand, bring me the authentication console."
*unlocks a steel box, and gingerly lifts out a plastic guitar with multicoloured buttons on the frets*

@grahamegrieve, michael
The authentication method involves demonstrating that you can respond to the password sequence better than you can respond to a random sequence. So the computer doing the authentication gives you a random sequence of cues with the "password" embedded into the sequence.

I am absolutely terrible at games like guitar hero. I mean, really, really bad. I can easily see that I would regularly be disabling my account due to invalid password entry (however that would be determined).

The idea that this removes the human user is erroneous. As 'grahamegrieve' has pointed out, it's little better mitigation against 'rubber-hose cryptanalysis' than anything else - since you can just be told to repeat it. Indeed, it's arguably worse since you _have_ to be physically kidnapped. You can't just hand over the password in response to extortion at a distance (since you don't know it), which puts you in physical danger where you otherwise wouldn't be in, assuming you can't hand over the authentication remotely.

So if you have great, permanent physical security perhaps this is a positive. If you're anyone else, you're increasing your personal risk.

In some ways this would be even more dangerous from a security viewpoint.

For example, if a large multinational was known to use a particular form of this, flash games could be created and insinuated into the email and web feeds of known employees. Those flash games would implement the same muscle-memory triggers but in shorter sequences.

As the game builds up a table of what sequences are coming out stronger it can string more of them together until it has a high-probability end result. The assumption that this authentication scheme is foolproof would probably mean that successful breaches could evade detection for a significant length of time.

You could also craft a game which could *disrupt* the learned patterns by taking sequences that have a better reproduction quality, recreating them with deletions or mutations and using them to reinforce 'bad' sequences, potentially causing an interesting new form of DoS attack where employees are no longer able to recreate their passwords and have to spend the whole morning training up a new one!

If this would be common, and everybody used a similar technique.
Then anytime I authenticated I would be leaking information about all by "passwords".
And just by watching how I play(authenticate) an attacker could gradually grow all the sequences I'm good at. More so if we compare this to a challenge response, then the challenge itself leaks the password. and simply collection a few challenges would give you the password.

The same caveat applies with the addition that any web page which takes text input could be silently profiling you (without even the site operator's knowledge), especially given the huge amount of cross-site scripting that goes on with social media and advertising scripts polluting most web pages now.

While an opponent could not force somebody to reveal something he doesn't know, they would obviously be able to force them to play a round of whatever game that system requires. So the gain against rubber-hose persuasion is not evident to me.

If this could be made to work, it would just be a new kind of biometric. The "password" is providing information about the user's neural connections. Some of the standard objections to biometrics apply: e.g. what happens if the user suffers a head injury? What's interesting is that others don't: if somebody steals your password (and you know they did, of course), you can be retrained to a different password. You can't do that with an iris scan. But then you have the problem of how to authenticate the retraining; and it's more of a problem than with a regular password because it takes time. And presumably you'll still have the problem of forgetting passwords. The training will degrade over time if it's not used. (Possibly even if it is.)

So this is interesting, but I'm not clear as to why it's progress as opposed to just shifting the problems around.

The article and the Slashdot post a bit misleading. The paper isn't talking about memory and recall as the terms are usually understood at all. The technique is taking advantage of the brain's tendency to rewire itself to support repeated tasks.

One potential problem I see is that their hypothetical high-security-installation employee is likely to be smarter than average (and thus have more chance of starting to notice the sequences consciously) and have higher neural plasticity (allowing the password to be forgotten more quickly).

The bit on page 8 about trying to detect automated abuse of Mechanical Turk was interesting, seeing as how Mechanical Turk is intended for tasks which are easier for humans than computers. If someone can write software that fools Mechanical Turk, they ought to be submitting it for a Turing test...

For those saying there's little improvment vs 'rubber-hose cryptanalysis', I think the original acticle addresses that.

Not having a game system near me, let's say the the guitar has 4 keys. At 30 "notes" to a password, you've got a password of 4^30 bits of entropy. (aka 1.1529215 × 10^18)

For me crack this, I'd need to kidnap someone, get the right password-game system going, and then try out all 4^30 combinations, hoping that one pass through is enough to spot the real password.

You'd be far better off with a man-in-the-middle attack, and that's a different problem.

In a related note, this reminds me of recent research into pictures flashed at a person very quickly, so quickly that they only have a subconcious reaction. I'm sure such a system could be a faster form of this one. Say, one picture is in and of itself random, but for just you is very familar or evokes an emotional resoponse. The others are new to you or otherwise not signifigant. That process would take a lot less than 45 minutes.

The judge didn't say "Tell us the password" or "Write the password on this paper and give it to law enforcement". He said “I conclude that the Fifth Amendment is not implicated by requiring production of the unencrypted contents of the Toshiba Satellite M305 laptop computer,”

In other words, she had to provide the unencrypted contents of the drive. The method used to log in to decrypt it does not matter. In this case, it was a judge, but if it was a criminal organization looking for your data instead, the same thing would happen. Instead of "Tell me the password so that I can decrypt your data or I'll shoot you" they will sit you down with your computer and say "Log in or I'll shoot you".

What happens when someone forgets the "subconscious" sequence? I would guess people would have more than one password to "memorize". What form would the secret question / answer need to take? How would one recover a lost password? Update it? Going back in time to the funny question answer to secret questions and resetting passwords:

Q) What is your secret question?
A) I don't know, well, I know it, but I am not able to tell you!
Operator: Very good! You got the answer right. Come over here for a 45 minute onsite training session to reset your password, or more accurately, reset your mind

Moreover, because of the inherent latency in the authentication process, this technique will not be widely spread. It may have it's niche areas. Why not use this technique for a crypto key (not as an input to key genertating function) instead. That would be intresting (or maybe not).

I agree with @ Andrew Burday that in a way, this technique changes the "something you know" type authentication to resemble more of a "something you are" such as biometrics. That is not a problem in itself.

I don't think I saw this called out here - it would require the authenticator to store your not-quite-a-password password in plain text.

Often you want the authenticator to store a one-way hash of the password/phrase/biometric/whatever, with various guards around it to make precomputing difficult, and brute-forcing computationally expensive. You present the password to the authenticator, it validates that the hashes match, and then forgets the password again.

Since the authenticator has to present you with the 'password' to see how good you are at reproducing it, it has to store it in the clear.

Unless I'm missing something important, which is always a possibility.

Re: Muscle memory passwords -- I can write my passwords down if I /really/ want since I tend to recite them in my head and visualize the letters as I type them. Though to do it without a keyboard I also have to imagine the typing process. This is the only way I can actually memorize passwords, too!

That said, I'm highly skeptical of this scheme since I know people that can sight read DDR with perfect precision and I'm sure the same type of people exist for Guitar Hero -- how do you distinguish millisecond-perfection from millisecond-perfection to reach the "must reliably perform better on your sequence" threshold?

the company Passfaces uses people's faces from a curated list. You have a short training to learn the faces assigned to you. Then to authenticate, you have to pick the right faces among a series of lists. Works on the human's innate ability to remember faces. Easy to recall, but difficult to impossible to purposely divulge (unless you're a good artist with a good memory). Never got widely accepted, it seems, but interesting and somewhat similar theory behind it with an easier implementation.

It's a interesting variant on the BioPassword scheme. The actual authentication is also based on muscle memory - keystroke dynamics. It's a behavior, not a sequence of symbols, which makes it resistant to disclosure. The bit about interspersing other characters and the guitar paradigm seems to me mostly a red herring, and imposes UI technology burdens to implement. It is subject to the same basic countermeasure, keylogging, with the difference that because of interspersed random characters, 2 and 3 symbol sequence fragments, not the entire password, would have to be played back to impersonate a user.

This would become very interesting if the entire process could be linked to a specific state of mind required to repeat the sequence whereas under others (e.g. stress) the subconscious mind would fail to do so. That would most definitely defeat any form of rubber-hose cryptanalysis. Compare it to a student who is perfectly able to reproduce all he's learned in the comfort of his living room but totally blacks out during the exam itself. Or the guy who freezes doing a presentation in front of a big audience.

For those talking about how it makes rubber hose worse, I guess you forgot how criminals get bank / securitty staff to open a bank vault for them (and it's one of the reasons time locks were invented).

The criminal identifies the target individual and then their home where the targets "loved ones" are. They then wait till the apropriate time and kidnap the target's family, and then by twisting "little Suzie's / Jimmie's" finger make them scream and cry infront of the targets spouse and get the spouse to talk to the target...

Then when the target has been compelled to do what the criminals want the second aspect comes into play,

The criminals have a "family of witnesses" to deal with

So potentialy this system will kill the target's family.

So I understand when people say they don't think this will solve "rubber hose crypto" because it won't, it will end up in a situation where the target if they are a fairly normal person will become more compliant. Because whilst the target might "tough it out" when they are taking the beatings, it's a whole new game when your family is taking the beatings...

Playing with words. The fact that the conversation is saved on the blog is equivalent to guaranteeing @ Dr. Kevorkian's claim for credit. I guess I have to ease up on my humor as well. Thanks for the update:)

This technique is called tiger kidnapping or tiger robbery, and over here we've had quite some instances of it over the years, mostly by bank robbers.

@ Wael

Rubber-hose cannot be defeated in any authentication scheme depending on something you know, something you have, something you are (biometrics) or any combination of those. In some jurisdictions, you can resort to plausable deniability if the mechanism provides for this (e.g. Truecrypt). Under the UK's Regulation of Investigatory Powers Act (RIPA), the burden of proof that you hold the keys rests on the prosecution. But it will still not shield you from agents operating under any other umbrella than that of the law. If you happen to run into Jack Bauer, you'd be pretty screwed too.

Short of authentication schemes that take the user entirely out off the equation, the only mechanism that can hold up is one for which a context/setting is required that cannot be copied by the agents or coerced from the victim. Hence the suggestion in my previous post.

This research misses the point. While interesting academically, it is useless at making people safer.

People with rubber hoses don't want passwords. They want results.

The solution is to have special passwords to be used under duress that do two things:

Raise a silent alarm

Begin aggressive logging of all actions taken, so that they can be reverted at a later date.

The second password should not actually stop the attacker from accomplishing his goals, as that could endanger the keyholder.

In case where the attacker is after information, the duress password could also permanently disable access to the information, by encrypting the data with public key, for example. This will remove incentives for further harm (besides spite). And can also be accompanied by a friendly "This system is currently experiencing unexpected usage load. Please try again in a few minutes." or similar to remove the blame from the coerced victim.

Better yet, the duress password immediately de-authorises the account so that the victim can confirm their story that "They don't even have access to this information."

Besides which, I already do exactly this with my passwords. I remember a pattern of movement and a starting point but am incapable of actually spelling out the sequence of characters: For example [cft678ik,lp-c] or [/;p0okmju7] are both realistic passwords that are very easy to remember on a qwerty keyboard.

Ok, your other suggestion about mental state may work, but is a little far in the future. I think there are other parameters the system designer can control to protect the information and the user. Besides, there are at least three additional authentication mechanisms.
1- where you are
2- what device you are on
3- multi channel authentication (which includes more than one device)

Any of those you mention will considerably raise the bar and the associated costs for both parties, not to mention impact the overall usability of the mechanism. But they may still be defeated by a determined and resourceful adversary. I know it's Hollywood, but Entrapment with Sean Connery or Mission Impossible with Tom Cruise in Langley come to mind.

From where I'm sitting, the perfect authentication mechanism in our line of work to date remains pretty much of a holy grail the same way applied quantum tunneling to macroscopic objects is in particle physics.

"So what's the solution to rubber hose attacks?
Deprive the user of control?"

I think it would be a good idea to try to improve the plausible deniability aspects of Truecrypt and similar software so he can trick the adversary into thinking he has cooperated.

I agree with you though; as long as I, the user, can decrypt the data, I am the weakest link and a target. Whether they force me to tell them the password or decrypt it myself in front of them is irrelevant. And as Clive said, there's nothing stopping them from going after my family either.

I see one implementation detail: when it asks you to log in, it needs to present the same sequence every time. Otherwise, someone who attempts to log in as you enough times will learn your sequence (but not whatever random stuff is appended to it) and eventually authenticate as if they were you by getting better at the non-random part.

But that seems to lead to another problem, wherein if it's *not* random, you'll eventually get better at the whole thing, not just the password sequence.

So there are implementation difficulties concerning the 'control' sequence if you use it for long enough.

I'm a bit confused, if this has anything to do with the subconscious at all. Or maybe I don't understand the concept of subconsciousness

Don't worry it's not you it's mainly other peoples "not thought out view of the world".

Nearly every thing we do is actually a subconcious act, for example bending a finger, lifting a foot or blinking, we don't think "tighten muscle X, relax muscle Y untill...". Some are virtualy fully autonomous (sneezing, blinking, dilating of the eyes) some less so. The usual distinction between autonomous and learned subconcious actions is what a new born child can do is effectivly autonomous and things like tying your shoe laces, riding a bike,driving a car are learned with various stages inbetween. But importantly even what is regarded as "autonomous" can be over ridden with training, most people can learn to not blink for a few moments to do silly things like out stare a cat or other people, or hold their breath to swim under water. Others have got it to the point where they have almost full control over their heart rate (which is exceptionaly difficult I can only do it a small amount after years of trying).

The problem arises with authentication (authN) quite often and it's the grey area between "something you know" (pass word/phrase) and "something you are" (finger print, iris/retina). It is further complicated by people not fundementaly understanding what is tangible (physical) and intangible (information)

And this is where the problem arises because you can be compled by judge/thug to reveal your password because they regard it (incorrectly) as a tangible item like a telephone number or address that is made tangible by being writen down and most people remember it by reciting it in their heads [1]. Likewise you can be compeled by judge/thug to produce/use something tangabile and therefore measurable like a fingerprint or retina scan.

What they fail to realise or fail to acknowledge is that the subconcious alows things to be intangable and not directly measurable with current and possibly future technology (which is another idiotic reason why people have faith in lie detectors).

Further they likewise fail to acknowledge that people are different in many ways though it's obvious. For instance some people can play a given musical instrument moderatly well whilst others cann't, and there are some very few who can play an instrument exceptionaly well whilst just a very few can play instruments from different groups (strings/wind/percussion) exceptionaly well. It's the same with all things that require "fine motor control" including nearly all the "arts" and "sports".

We talk about people being "naturals" and this is usually not true, it usually means they learnt the required fine motor skills whilst very very young whilst others did not. Even very young babies can be taught to catch a ball whilst some fairly normal adults couldn't catch a ball if you droped it into their open hand. I for instance usually couldn't throw an apple core in the bin from the other side of the desk yet I learnt to put bullets and arrows on target exceptionaly well at the limit of their ranges as an adult, I didn't learn to ride a bike untill I was a rather large and somewhat clumsy adult yet I taught myself to ride a uni-cycle safely on roads for distances of over sixty miles and got upto competitive standards in (two wheel) cycling and sailing. They are all "learned skills" as is driving and the standard you reach is mainly determined by how far you are prepared to go to become good at it not inate ability (though that does help you get to the point where a skill becomes just about usable more quickly so lowers the frustration bar).

[1] : Some people remember words others paterns, for instance the word "fred" can be remembered as a word or as a simple patern on the querty keyboard of "make a square going up and left from the f key" thus a hard to remember as a charecter string "zexctvbun" might be remembered as words by "Zen EXeCuTive V BUN" or as the simple sawtooth wave form from left to right on the querty keyboard [2]. In the military often the number to dial on a safe is done by remembering a simple word such as "apple" and remebering a few simple rules to convert the letters into numbers/actions.

[2] : it's been shown that people who are proficient in typing do it the same way most people write, which is not letter by letter but as a remembered sequence of actions for the word [3]

[3] : This has been shown to be the same for musicians they don't remember the notes they remember the tune and the musical score is almost just an aid memoir [4].

[4] : Most people remember tunes from singing/whisteling along a few times and could not tell you the notes or cadence or anything else that you could write down [5]ggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggggg
$$$

Sorry the mobile decided to "take a walk in the park" as I posted my above comment to you.

Iwas going on to add to the main block that,

Autonomous subconscious actions happen at many levels one such is "scratching an itch" many of the higher level movments such as moving the arm to a given position and forming the shape of the hand and performing the actuall act of scratching can also all be conscious actions. And some actions we assume shouldd be conscious actions can with time become subconscious actions such as changing gear or applying the brakes when driving a car you sometimes hear people say "driving on autopilot" where they realy have no memory of getting their car along a familiar route from home to work or shops etc.

There are accepted medical cases of people being fully active and mobile whilst actually being asleep which many would call "sleep walking" but it can be considerably more complex than just walking. The problem with this is how do you know well after the fact if a person was genuinely asleep or just pretending they were for any of a whole host of reasons. Many people are skeptical at best about sleep walking, others not at all whilst some are cursed with the confusion of actually having done so. The best we can say currently is that there are enough indicators to believe it happpens to some people and the reassons why are mainly a matter of conjecture and research. I happen to believe it's possible as I know some one to whom it happens on a regular basis.

And finaly there is what many chose to call hypnosis or suggestive states it is fairly easy to do to most people, although the process is not that you see of stage magicians. There is an interesting hypotheses that couples can effectivly self hypnotise them selves when in the early stages of falling in love and it helps form a strong bond in some people. You can look up the basics of hypnosis induction techniques on the internet and there are more thhhhhhhhhh

You can look up the basics of hypnosis induction techniques on the internet and there are more than a handfull of scholarly articals on the subject.
The simplest induction technique is probably that of "the suken garden", and tends to work better than the "Mountain Trip" or "Forest Walk" methods. These are very similar to "relaxation" and "centering" techniques and usually leave the person in a "light suggestability state" which may be sufficient, if not you can then use various "deepening" methods.

Not all people can be hypnotised and there are various tests for suggestability that can be used. Some people cann't be hypnotised very deeply and it's actually very difficult to make people do things they don't want to do consciously or subconsciously (addiction being a standard problem area) and usually requires many sessions each of which moves a person a little step closer. You see this done with people who want to lose weight or give up smoking but have consistantly failed, sometimes it works better to initially make the unwanted habbit / addiction worse so the person then believes the process works and thus weaken their resistance and make the overall objective easier to reach. Other methods are to use changes in perception relative to the main objective, such as when people have fears about such things as spiders, you get them to notice the beauty of the web in the early morning and compare / contrast it to other things such as flowers little by little the perception changes and makes acceptance of the spider easier as the context within which it is seen has changed.

@Clive
You're bang on with people seeming to be born with talents vs. Having worked at them. I've heard it takes some 10000 hrs to truly 'master' a skill...? I believe it, and I believe it's to do with effort effort effort, not innate born qualities.

This topic reminded me of the XKCD where programmers are 'compiling' and having a sword fight on their rollie-chairs while waiting, as the boss yells at them to get back to work they say 'compiling!' and receive the bosses 'ok' - in this case it'd be the boss saying get back to work and the employee says 'I'm resetting my password!' (For the third time today, hehehe).

How likely is a physical situation for someone in such a position and what are the chances it'd be increased risk because of this system? Wouldn't such severe places with such high requirements have higher physical security too to offset? It's all about risk and weighing what the tradeoffs are and I can't think it'd be much worse with this system than another to be honest (in fact, I'd think a criminal would be compelled to move on to another easier target unless they were determined for a particular one; in that case, they'll succeed eventually anyway, just a matter of time till they find the right crack in the walls at the right (er, wrong) time, eh?)

The system would need to be smart enough to distinguish between real people taking the test and computer vision systems that would perform well on the entirety of it. It would also need to have heuristics that would adapt the anti-robot policy to account for those people that would get better at the entire game with practice.

I have sometimes wondered if it isn't possible to develop a kind of "gestalt cryptography" where each character in a key is a slightly different looking picture. We all know a penny when we see one, but if you've ever seen those psychological experiments where they omit or invert certain details of a penny in 16-25 images, you know how hard it is to actually identify the correct penny without rummaging for one in your pocket.

Maybe a system can be developed where you first choose the letter of your password and then select the correct stylized version from a dozen or three possibilities (or maybe even a random selection of wrong possibilities among several hundred with some sharing certain features of the correct letter while being different in other respects). You would at least have a system where the password is far less easy to accidentally transmit, and it might be much harder to intentionally transmit in the absence of the input system since people tend to remember whole pictures better than they remember details. This might work best if entering the wrong stylized password leads to one or more false messages or false access points. (Then again, you can always claim you remember the password, but cannot remember exactly what the right style of letter looked like.) Like this implicit learning system, it probably would be a devil to initially learn and so wouldn't be too practical, OTOH.